WifiphisherWifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malwares.
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
JwtA JWT (JSON Web Token) Encoder & Decoder
CodeqlGitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
Bolt⚡🐧 - Thunderbolt 3 device manager | This is a MIRROR of bolt from fd.o
NetcapA framework for secure and scalable network traffic analysis - https://netcap.io
TwofaA TouchID-aware 2-factor authenticator for macOS
ZitadelZITADEL - Cloud Native Identity and Access Management
Libsodium GoA complete overhaul of the Golang wrapper for libsodium
Sofa HessianAn internal improved version of Hessian powered by Ant Financial.
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Security TxtA proposed standard that allows websites to define security policies.
NfrA lightweight tool to score network traffic and flag anomalies
KarnSimplifying Seccomp enforcement in containerized or non-containerized apps
SecurityheadersCheck any website (or set of websites) for insecure security headers.
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Droid Watcher[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application
CtfCtf solutions from p4 team
M4ngl3m3Common password pattern generator using strings list
MaskedMask sensitive data: replace blacklisted elements with redacted values
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
BapBinary Analysis Platform
ArchtorifyTransparent proxy through Tor for Arch Linux OS
AutowireAutomatically configure Wireguard interfaces in distributed system. It supports Consul as backend.
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Nothing PrivateDo you think you are safe using private browsing or incognito mode?. 😄 👿 This will prove that you're wrong.
Fastsitephp🌟 FastSitePHP 🌟 A Modern Open Source Framework for building High Performance Websites and API’s with PHP
Kr U2fA Browser extension that lets you use your phone as a U2F/WebAuthN Authenticator for strong, unphishable 2FA.
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
FugaciousOSSSM (awesome). Open source short-term secure messaging
Pyjksa pure python Java KeyStore file parser, including private key decryption
Awesome Iot HacksA Collection of Hacks in IoT Space so that we can address them (hopefully).
PygreynoisePython3 library and command line for GreyNoise
SiacSIAC is an enterprise SIEM built on open-source technology.
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
BettercapThe Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
TeleportCertificate authority and access plane for SSH, Kubernetes, web apps, databases and desktops
Hacl StarHACL*, a formally verified cryptographic library written in F*
Parsec CloudOpen source Dropbox-like file sharing with full client encryption !